Malwarebytes reports real-time detection (v1.14.15)
Moderator: Forum Moderators
Forum rules
Before reporting issues in this section, you must read the following topic:
Before reporting issues in this section, you must read the following topic:
- Spannerbag
- Posts: 538
- Joined: December 18th, 2016, 6:14 pm
- Location: Yes
Malwarebytes reports real-time detection (v1.14.15)
Hi,
This is just a heads-up.
I use Malwarebytes (Mwb) v1.0.38435 (licensed) and it recently started compaining about Wesnoth.exe (v1.14.15, which had been installed for months without, afaik, any changes). So I reinstalled and re-scanned. Same again.
I am 99% sure this is a false positive generated by their machine learning software (the actual issue id is Malware.AI.1576335953) and have submitted a ticked to malwarebytes and am awaiting a response.
If anyone else has had this issue and is worried, I'm happy to post Mwb's reply here. Also if anyone else is ahead of me in this I'd really like to hear their experience...
Please feel free to get back to me if you'd like more details (PM preferred if you want a swift response )
Cheers!
-- Spannerbag
This is just a heads-up.
I use Malwarebytes (Mwb) v1.0.38435 (licensed) and it recently started compaining about Wesnoth.exe (v1.14.15, which had been installed for months without, afaik, any changes). So I reinstalled and re-scanned. Same again.
I am 99% sure this is a false positive generated by their machine learning software (the actual issue id is Malware.AI.1576335953) and have submitted a ticked to malwarebytes and am awaiting a response.
If anyone else has had this issue and is worried, I'm happy to post Mwb's reply here. Also if anyone else is ahead of me in this I'd really like to hear their experience...
Please feel free to get back to me if you'd like more details (PM preferred if you want a swift response )
Cheers!
-- Spannerbag
- Pentarctagon
- Project Manager
- Posts: 5576
- Joined: March 22nd, 2009, 10:50 pm
- Location: Earth (occasionally)
Re: Malwarebytes reports real-time detection (v1.14.15)
Thanks for submitting the ticket to Malwarebytes
99 little bugs in the code, 99 little bugs
take one down, patch it around
-2,147,483,648 little bugs in the code
take one down, patch it around
-2,147,483,648 little bugs in the code
- Spannerbag
- Posts: 538
- Joined: December 18th, 2016, 6:14 pm
- Location: Yes
Re: Malwarebytes reports real-time detection (v1.14.15)
You're very welcome
Update:
The first step in getting my ticket sorted was to upload the antivirus logs via the Support Tool.
I duly downloaded (and unblocked) it. Though apparently launching OK on my elderly Windows 7 PC it unfortunately then simply quit silenty. No error, nada
Afaik I have all the pre-requisites installed. So I replied to Malwarebytes and am awaiting their response. (I suspect I may wait some time...).
Since then I have done a bit more digging and found a forum post; Machine Learning/Anomalous Detections and Explanation which may be of interest to programmers?
Fyi it is possible to flag Wesnoth.exe as a false positive. As someone who has not been involved at all with the coding of the game itself I don't feel comfy doing this until it's been considered by a more informed and knowlegeable community first! (This also needs a log upload, so I can't do it at present anyway...)
Cheers!
-- Spannerbag
Re: Malwarebytes reports real-time detection (v1.14.15)
To be frank ... they call it "machine learning" but if you read through the entire post and get to the details buried near the end it sounds like it may just be performing some very simple checks on executable files. In particular, it mentions that one of the reasons it may flag a file as "anomalous" is "the lack of a valid digital signature." I wonder if that might be the only issue that it's detecting (since wesnoth.exe is relatively unusual these days in that it does not have a digital signature).Spannerbag wrote: ↑March 21st, 2021, 12:40 pm Since then I have done a bit more digging and found a forum post; Machine Learning/Anomalous Detections and Explanation which may be of interest to programmers?
- Pentarctagon
- Project Manager
- Posts: 5576
- Joined: March 22nd, 2009, 10:50 pm
- Location: Earth (occasionally)
Re: Malwarebytes reports real-time detection (v1.14.15)
Well, it wouldn't be the first time that not having a valid certificate caused problems with anti-virus (ie: #5568). Unfortunately the solution isn't simple and also not especially cheap either.
99 little bugs in the code, 99 little bugs
take one down, patch it around
-2,147,483,648 little bugs in the code
take one down, patch it around
-2,147,483,648 little bugs in the code
- Spannerbag
- Posts: 538
- Joined: December 18th, 2016, 6:14 pm
- Location: Yes
+RESOLVED+ Malwarebytes reports real-time detection (v1.14.15)
Issue went away, to quote Malwarebytes: The original detection was likely a false positive that was fixed on our end.
Glad to have it confirmed as a false positive!
Cheers!
-- Spannerbag
Glad to have it confirmed as a false positive!
Cheers!
-- Spannerbag